Orhan Ermiş

An improved conference-key agreement protocol for dynamic groups with efficient fault correction

The pervasive usage of the Internet has made secure group communications a significant issue. Conference-key agreement protocols provide secure group communications with lower computational cost. Providing key agreements and updates of dynamic groups in an efficient manner is a significant challenge for conference-key agreement protocols. Auxiliary key agreement operations are needed to solve the challenge. In this paper, we propose an improved conference-key agreement protocol, called Dynamic Conference-Key Agreement Protocol, that consists of Initial Conference-Key Agreement Protocol and Auxiliary Conference-Key Agreement operations. Dynamic Conference-Key Agreement Protocol has operations to handle dynamic groups. The proposed protocol has better fault correction and provides the same security level with the existing ones. Copyright

An improved fault-tolerant conference-key agreement protocol with forward secrecy

The pervasive usage of the Internet has made secure group communications a significant issue. Conference key agreement protocols provide secure group communications against some attacks with lower computational cost in the Internet. However, forward secrecy is a challenging issue in the existing protocols, where it is preserved either the long-term key of a participant is compromised. In this study, we propose an improved conference key agreement protocol with forward secrecy. Besides providing forward secrecy, the proposed protocol preserves the same security level with existing ones.

A key agreement protocol with partial backward confidentiality

Abstract The essence of dynamic group key agreement protocols is to help compute a secure key for a group communication with a dynamic set of participants in distributed systems. In dynamic group key agreement protocols, the number of participants may change over time because of participants leaving or joining the group. The security of such join and leave operations are affected by the existence of backward confidentiality and forward confidentiality, respectively. Dynamic group key agreement protocols are expected to be used in applications such as file sharing systems. However, there are a number of problems in the use of existing dynamic group key agreement protocols in file sharing systems such as lack of privacy, violation of availability and dependency for key escrow. In this study, we propose a new security property called partial backward confidentiality. Partial backward confidentiality is the property, in which a new participant can compute the last valid group key just before joining the group but the new participant cannot compute former group keys. Moreover, we propose a key agreement protocol to show the provision of partial backward confidentiality that helps to solve file sharing system problems above. Furthermore, we have analyzed the security of the proposed protocol with respect to impersonation attacks under the difficulty in discrete logarithm problem and eavesdropping under the Decisional Difie-Hellman Problem. We present a proof of concept case study called Private File Sharing System in order to show the applicability of partial backward confidentiality property.

Attribute Based Content Security and Caching in Information Centric IoT

Information-centric networking (ICN) is a Future Internet paradigm which uses named information (data objects) instead of host-based end-to-end communications. In-network caching is a key pillar of ICN. Basically, data objects are cached in ICN routers and retrieved from these network elements upon availability when they are requested. It is a particularly promising networking approach due to the expected benefits of data dissemination efficiency, reduced delay and improved robustness for challenging communication scenarios in IoT domain. From the security perspective, ICN concentrates on securing data objects instead of ensuring the security of end-to-end communication link. However, it inherently involves the security challenge of access control for content. Thus, an efficient access control mechanism is crucial to provide secure information dissemination. In this work, we investigate Attribute Based Encryption (ABE) as an access control apparatus for information centric IoT. Moreover, we elaborate on how such a system performs for different parameter settings such as different numbers of attributes and file sizes.

A Framework for Trust Assessment of Security Systems on Flexible Networks

Recently, flexible networks contain various services designed and implemented by different vendors to accomplish specific tasks. Trust to security systems of such services is a significant challenge. In this paper, we propose a framework to assess trust to security systems of web services based on security policy specifications and security mechanisms running on flexible networks. The framework may be used to implement an automated system to assess trust of a specific security system protecting web services. The trust assessment process is explained with a scenario to show the applicability of the framework.

A Comparative Study on the Scalability of Dynamic Group Key Agreement Protocols

With the pervasive use of communications technologies, security of multiparty communication systems becomes crucial more than ever. However, providing a secure communication in distributed and dynamic networks is a challenging issue. Dynamic group key agreement protocols are one of the best candidates to overcome this issue. In dynamic group key agreement protocols, each participant in a group involves into the key computation. Moreover, dynamic group key agreement protocols provide auxiliary dynamic group operations for updating the group key when the set of participants is updated. In this paper, a comparative study on the scalability of dynamic group key agreement protocols is presented to show the best possible group key agreement protocol for specific-sized networks. Furthermore, we present simulations for scalability analysis of dynamic group key agreement protocols. Finally, we analyze and compare the performance of protocols regarding computational and communications costs.

A secure and efficient group key agreement approach for mobile ad hoc networks

Abstract Mobile ad hoc networks have been used in many application areas such as sensors, file sharing and vehicle-to-vehicle communications. Providing secure communications among the users in such networks is a significant issue. Group key agreement protocols are frequently used to provide security in mobile ad hoc networks. There is a number of problems related to the use of group key agreement protocols in mobile ad hoc networks, such as adaptation in cluster-based communications, securely selecting the cluster head for inter-cluster communications, providing secure group key update mechanism for dynamic groups and reducing costs of communications and computations. In this study, we propose a secure and efficient group key agreement protocol that is adaptive for cluster-based communications in mobile ad hoc networks. We describe a novel secure cluster-head selection mechanism in the proposed protocol. The protocol provides security for dynamic group operations in addition to the basic security properties. The proposed protocol also provides better performance in terms of reducing the communications and computational costs. Finally, we present a set of simulations for the proposed protocol in mobile ad hoc networks scenario.

Adaptive Trust Scenarios for Mobile Security

Mobile systems interact with many autonomous entities and multiple services that provide a ubiquitous environment for societies. In this environment, trust to security is a challenging issue. Entities and services have unpredictable behaviors therefore conventional trust models have limited accuracy for security related computations due to static nature of the models. Adaptive trust computations are needed to make accurate trust decisions. In this paper, we propose an adaptive approach to compute trust for mobile security. We evaluate the approach with different scenarios and comparisons to show the adaptive property.

Lightweight context-aware security system for wireless Internet access

In this study, we present a lightweight context-aware security system for wireless Internet access. Our system consists of an Android mobile application and a web browser plug-in called G&ALF. Android application is used to retrieve the public configuration parameters of available wireless connections, evaluate the context and assess the security level of the wireless network. Then, the assessment outcome is sent to G&ALF, which controls the Internet access of users. In addition to proposed context-aware security system, we describe the security assessment criteria that is used in our system design.

Open problems for group-key agreement protocols on Vehicular Ad-hoc Networks

Security is a challenging issue in Vehicular Ad-hoc Networks since entities in the networks generally use insecure channels to communicate with each other, where key agreements are a major challenge. Actually, there exist several security constraints in vehicle to infrastructure communication and vehicle-to-vehicle communications. In this paper, we address open problems related to secure key agreement in Vehicular Ad-hoc Networks by comparing traditional group key agreement protocols with other key agreement protocols.